Debian Security Advisory DSA 529-1 (netkit-telnet-ssl) Network Vulnerability

Summary

The remote host is missing an update to netkit-telnet-ssl announced via advisory DSA 529-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20529-1

Insight

b0f discovered a format string vulnerability in netkit-telnet-ssl which could potentially allow a remote attacker to cause the execution of arbitrary code with the privileges of the telnet daemon (the 'telnetd' user by default). For the current stable distribution (woody), this problem has been fixed in version 0.17.17+0.1-2woody1. For the unstable distribution (sid), this problem has been fixed in version 0.17.24+0.1-2. We recommend that you update your netkit-telnet-ssl package.

Severity

Classification

CVE CVE-2004-0640

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 042-1 (gnuserv, xemacs21)
Debian Security Advisory DSA 1044-1 (mozilla-firefox)
Debian Security Advisory DSA 073-1 (imp)
Debian Security Advisory DSA 085-1 (nvi, nvi-m17n)
Debian Security Advisory DSA 081-1 (w3m, w3m-ssl)

Take action and discover your vulnerabilities